| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-11620 | Multiple Roles per User <= 1.0 - Missing Authorization to Authenticated (Custom+) Privilege Escalation | jemoreto | Multiple Roles per User | High | 7.2 | 2025-11-18 08:27:31 | Deep Dive |
| CVE-2025-60193 | WordPress Premmerce User Roles plugin <= 1.0.13 - Local File Inclusion vulnerability | Premmerce | Premmerce User Roles | High | 7.5 | 2025-11-06 15:54:50 | Deep Dive |
| CVE-2025-64291 | WordPress Premmerce User Roles plugin <= 1.0.13 - Cross Site Scripting (XSS) vulnerability | Premmerce | Premmerce User Roles | - | - | 2025-10-29 08:38:16 | Deep Dive |
| CVE-2025-62883 | WordPress Premmerce User Roles plugin <= 1.0.13 - Broken Access Control vulnerability | Premmerce | Premmerce User Roles | - | - | 2025-10-27 01:33:44 | Deep Dive |
| CVE-2025-49981 | WordPress User Roles and Capabilities plugin <= 1.2.6 - Broken Access Control Vulnerability | mahabub81 | User Roles and Capabilities | Medium | 4.3 | 2025-06-20 15:04:13 | Deep Dive |
| CVE-2025-23531 | WordPress RSVPMaker Volunteer Roles plugin <= 1.5.1 - Reflected Cross Site Scripting (XSS) vulnerability | davidfcarr | RSVPMaker Volunteer Roles | High | 7.1 | 2025-01-27 14:22:13 | Deep Dive |
| CVE-2025-23528 | WordPress DD Roles plugin <= 4.1 - Privilege Escalation vulnerability | Mosterd3d | DD Roles | 中危 | - | 2025-01-16 20:06:16 | Deep Dive |
| CVE-2023-41130 | WordPress Premmerce User Roles plugin <= 1.0.12 - Broken Access Control vulnerability | Premmerce | Premmerce User Roles | 高危 | - | 2024-12-13 14:24:09 | Deep Dive |
| CVE-2023-27609 | WordPress WP Roles at Registration plugin <= 0.23 - Cross Site Scripting (XSS) vulnerability | NetTantra | WP Roles at Registration | Medium | 5.9 | 2024-11-19 21:56:18 | Deep Dive |
| CVE-2024-49217 | WordPress Adding drop down roles in registration plugin <= 1.1 - Privilege Escalation vulnerability | madiriaashish | Adding drop down roles in registration | - | - | 2024-10-17 17:42:37 | Deep Dive |
| CVE-2019-25213 | Advanced Access Manager <= 5.9.8.1 - Unauthenticated Arbitrary File Read | vasyltech | Advanced Access Manager – Access Governance for WordPress | Critical | 9.8 | 2024-10-16 06:43:32 | Deep Dive |
| CVE-2022-4974 | Freemius SDK <= 2.4.2 - Missing Authorization Checks | dashlabsltd | YASR – Yet Another Star Rating Plugin for WordPress | Medium | 6.3 | 2024-10-16 06:43:30 | Deep Dive |
| CVE-2024-8732 | Roles & Capabilities <= 1.1.9 - Reflected Cross-Site Scripting | arielhr1987 | Roles & Capabilities | Medium | 6.1 | 2024-09-13 15:10:38 | Deep Dive |
| CVE-2024-1716 | Admin Bar Remover <= 1.0.2.2 - Missing Authorization to Authenticated (Subscriber+) Settings Update | litonice13 | Admin Bar Editor – Toolbar Customization with User Role based access & Custom menus | Medium | 4.3 | 2024-05-02 16:52:46 | Deep Dive |
| CVE-2023-51674 | WordPress Advanced Access Manager Plugin <= 6.9.18 is vulnerable to Cross Site Scripting (XSS) | AAM | Advanced Access Manager – Restricted Content, Users & Roles, Enhanced Security and More | Medium | 6.5 | 2024-02-01 10:22:56 | Deep Dive |
| CVE-2022-34344 | WordPress Wholesale Suite Plugin <= 2.1.5 is vulnerable to Broken Access Control | Rymera Web Co | Wholesale Suite – WooCommerce Wholesale Prices, B2B, Catalog Mode, Order Form, Wholesale User Roles, Dynamic Pricing & More | Medium | 5.4 | 2024-01-08 21:13:45 | Deep Dive |
| CVE-2023-51675 | WordPress Advanced Access Manager Plugin <= 6.9.18 is vulnerable to Open Redirection | AAM | Advanced Access Manager – Restricted Content, Users & Roles, Enhanced Security and More | Medium | 4.7 | 2023-12-29 13:57:17 | Deep Dive |
| CVE-2023-50881 | WordPress Advanced Access Manager Plugin <= 6.9.15 is vulnerable to Cross Site Scripting (XSS) | AAM | Advanced Access Manager – Restricted Content, Users & Roles, Enhanced Security and More | Medium | 6.5 | 2023-12-29 11:26:12 | Deep Dive |
| CVE-2021-4402 | Multiple Roles <= 1.3.1- Cross-Site Request Forgery Bypass | cneumann | Multiple Roles | Medium | 4.3 | 2023-07-01 05:33:28 | Deep Dive |
| CVE-2022-3419 | Automatic User Roles Switcher < 1.1.2 - Subscriber+ Privilege Escalation | Unknown | Automatic User Roles Switcher | 中危 | - | 2022-10-31 00:00:00 | Deep Dive |